INFOCON News
_________________________________________________________________
IWS - The Information Warfare Site
http://www.iwar.org.uk
_________________________________________________________________
---------------------------------------------------------------------
To subscribe - send an email to "[EMAIL PROTECTED]" with "subscribe
infocon" in the body
To unsubscribe - send an email to "[EMAIL PROTECTED]" with
"unsubscribe infocon" in the body
---------------------------------------------------------------------
_________________________________________________________________
----------------------------------------------------
[News Index]
----------------------------------------------------
[1] NIPC chief Ron Dick to retire
[2] Ridge says intelligence czar probably unnecessary
[3] Internet Filters Block Many Useful Sites, Study Finds
[4] Study Refutes E-Mail Myth
[5] Senate Closes Accidental Anonymizer
[6] Rooting Out Corrupted Code
[7] 'I'm no hacker', Sklyarov tells US court
[8] Defense officials advocate new classification system for information
[9] DALnet debilitated by DoS attacks
[10] Panel urges cooperation on cybersecurity
[11] Tech Pros Gather Antispam Forces
[12] Securing Outlook, Part One: Initial Configuration
[13] Hi-tech crime threatens UK plc - survey
[14] White House threatens nuclear retailiation to attacks on U.S.
[15] Raided Firm's Software Checks Out
[16] Web pedos crack into corporate servers
[17] Research signals safer smart cards
[18] Security agency expects airports to meet baggage screening deadline
[19] All bugs are created equal
_________________________________________________________________
CURRENT THREAT LEVELS
_________________________________________________________________
Electricity Sector Physical: Elevated (Yellow)
Electricity Sector Cyber: Elevated (Yellow)
Homeland Security Elevated (Yellow)
DOE Security Condition: 3, modified
NRC Security Level: III (Yellow) (3 of 5)
_________________________________________________________________
News
_________________________________________________________________
(Pity Ron Dick is leaving NIPC as he was a good politician. He managed
to improve the risk & threat analysis section to a certain extend and
improved NIPC's relationship with other US government agencies. At least
a good man will take over who might be able to 'militarise' the Feds and
make them more efficient and cut through the bureaucratic red tape
before NIPC will be transferred to the bureaucratic monster known as
Homeland Security Department. WEN)
[1] NIPC chief Ron Dick to retire
By DAN VERTON
DECEMBER 09, 2002
WASHINGTON -- Ron Dick, the director of the FBI's National
Infrastructure Protection Center (NIPC), the cyberthreat and warning arm
of the bureau, plans to retire this month, bringing to a close a 25-year
career in law enforcement.
Dick, who took the helm of the NIPC in March 2001 during one of the most
tumultuous times in the agency's brief history (see story), is credited
with helping the NIPC define its role and mission within a growing and
complicated federal cybsersecurity bureaucracy and amid incessant
assaults from an army of critics who often took aim at what they saw as
a lack of strategic analysis coming out of the agency.
http://www.computerworld.com/securitytopics/security/story/0,10801,76538
,00.html
----------------------------------------------------
(It is scary to see that Ridge bases his faith in technology instead of
creating an intelligence czar. Technology will definitely not solve the
information sharing problem: From the economist: 'In addition to
intelligence gathering, equally in need of a shake-ups is how the
secrets are analysed. This will be harder. The trouble is that the
United States intelligence 'community' is no community at all.' See:
http://www.mail-archive.com/infocon@infowarrior.org/msg00322.html. WEN)
[2] Ridge says intelligence czar probably unnecessary
By Shane Harris
Tom Ridge, President Bush's choice to head the Homeland Security
Department, said on Wednesday that if the architecture of the department
is carefully crafted, an "intelligence czar" would not be necessary, but
added that the president has said the topic is "open for discussion."
Ridge said he believes technology could be sufficient to ensure that
security intelligence is distributed effectively within the government,
adding that his office is working with the FBI and CIA on such security
efforts. Ridge made the comments to a task force of state lawmakers
convened by the National Conference of State Legislatures to focus on
homeland security.
The House-Senate intelligence panel investigating the events that led to
the Sept. 11 attacks called Wednesday for the appointment of a new
Cabinet-level intelligence chief. Such an official would significantly
limit the current authority of the CIA director, who in theory should
act as the government's chief intelligence overseer. The new director of
national intelligence would have authority over the government's 14
civilian and Defense intelligence agencies.
http://www.govexec.com/dailyfed/1202/121102h1.htm
----------------------------------------------------
(Internet filters are not always useful. For example the US DoD has some
really bad filters which from time to time send email back to me as they
contain certain words. Also some people I know who work at the DoD
complain about the content filter as it limits what they can do. So some
of them just get a dial-up and thereby bypass most of the security, i.e.
Internet filters if not set up correctly, can be more of security risk
than having none as it forces people to seek alternative communication
channels. WEN)
[3] Internet Filters Block Many Useful Sites, Study Finds
By JOHN SCHWARTZ
Teenagers who look to the Internet for health information as part of
their "wired generation" birthright are blocked from many useful sites
by antipornography filters that federal law requires in school and
library computers, a new study has found.
The filtering programs tend to block references to sex and sex-related
terms, like "safe sex," "condoms," "abortion," "jock itch," "gay" and
"lesbian." Although the software can be adjusted to allow access to most
health-related Web sites, many schools and libraries ratchet up the
software's barriers to highest settings, the report said.
"A little bit of filtering is O.K., but more isn't necessarily better,"
said Vicky Rideout, vice president of the Henry J. Kaiser Family
Foundation, which produced the report, to be published today in The
Journal of the American Medical Association. "If they are set too high,
they can be a serious obstacle to health information."
http://www.nytimes.com/2002/12/11/technology/11FILT.html?ex=1040360400&e
n=6832839c095b51a4&ei=5040&partner=MOREOVER
----------------------------------------------------
[4] Study Refutes E-Mail Myth
10:28 AM Dec. 09, 2002 PT
NEW YORK -- If you're feeling inundated by e-mail at work and think the
annoyance must be universal, you're wrong.
A new study from the Pew Internet and American Life Project finds that
overwhelming levels of e-mail are quite atypical, an outcome that
surprised even the researchers.
"All of the anecdotal evidence you hear from people out there is, 'I'm
so overwhelmed by the volume of e-mail,'" said Deborah Fallows, a senior
research fellow at Pew. "The perception comes from the people who are
talking most loudly about it, those few who are most overwhelmed."
http://www.wired.com/news/technology/0,1282,56781,00.html
----------------------------------------------------
(I am looking for a good US proxy as some military sites seem to be
banning foreign IP addresses (I did not know that the UK belonged to the
Axis of Evil). So please drop me a line, if you know a good one. WEN)
[5] Senate Closes Accidental Anonymizer
By Kevin Poulsen, SecurityFocus Dec 10 2002 1:24PM
Never let it be said that the United States Senate has done nothing for
Internet privacy.
Network administrators for the U.S. government site www.senate.gov shut
down an open proxy server over the weekend that for months had turned
the site into a free Web anonymizer that could have allowed savvy
surfers to launder their Internet connections so that efforts to trace
them would lead to Capitol Hill.
A proxy server is normally a dedicated machine that sits between a
private network and the outside world, passing internal users' Web
requests out to the Internet. But they're sometimes misconfigured to
accept and forward connections from the outside as well, allowing anyone
on the Internet to route through the proxy with a simple browser
configuration change.
http://online.securityfocus.com/news/1780
----------------------------------------------------
[6] Rooting Out Corrupted Code
Is there a backdoor on your system? A flawed but timely project from the
Shmoo Group could help network administrators spot altered programs.
By Jon Lasser Dec 11, 2002
Sometimes it's easy to tell when you're dealing with an imposter. That
Mona Lisa at your neighbor's yard sale is unlikely to be the real thing.
When you see Elvis at the mall, you can be pretty sure that he's a fake,
too.
Even on a computer it can be obvious. when you run strings against your
ls binary and among all of the other data it returns gcc -shared -o
/tmp/own.so /tmp/own.c;rm -f /tmp/own.c, you can be pretty sure that's
not the real ls command. A fellow in my local Linux Users Group reported
this recently, and he didn't need to be told that the system had been
rooted.
http://online.securityfocus.com/columnists/129
----------------------------------------------------
[7] 'I'm no hacker', Sklyarov tells US court
By John Leyden
Posted: 10/12/2002 at 16:22 GMT
Dmitry Sklyarov, the Russian programmer at the centre of the first
Digital Millennium Copyright Act (DMCA) prosecution, yesterday delivered
his long-awaited testimony in the trial of his former employer,
ElcomSoft.
ElcomSoft is charged with supplying a tool which circumvents the copy
protection in Adobe eBooks, which can be used in making audible copies
of e-books for the blind, or copies of legitimately purchased electronic
books. The prosecution argues the utility was primarily designed to
circumvent copyright protection mechanisms and facilitate piracy.
http://www.theregister.co.uk/content/55/28510.html
----------------------------------------------------
[8] Defense officials advocate new classification system for information
>From National Journal's Technology Daily
Homeland security officials may have to develop a new classification
system to let military and civilian agencies at all levels of government
share counterterrorism information, several Pentagon officials said
Tuesday during an E-Gov conference.
Maj. Gen. Dale Meyerrose, chief information officer of the U.S. Northern
Command (NORTHCOM), noted that the Defense Department classifies
information on a "need to know" basis, while many law enforcement
agencies classify on a "need to prosecute."
"Neither a need-to-know nor a need-to-prosecute [standard] serves our
information-exchange requirements," Meyerrose said, adding that NORTHCOM
will need to handle most homeland security information on a
"need-to-share" basis.
http://www.govexec.com/dailyfed/1202/121102td1.htm
----------------------------------------------------
[9] DALnet debilitated by DoS attacks
By John Leyden
Posted: 10/12/2002 at 18:30 GMT
DALnet, one of the world's biggest IRC service providers, has apologised
to its users for disruptions caused by an unusually fierce DDoS attack
over the weekend, whose effects are continuing to be felt.
"It is a sad fact that it has been somewhat difficult to connect to
DALnet for some time," a notice to its users explains. "There are
several reasons for this, including ongoing attacks and a loss of
servers.
http://www.theregister.co.uk/content/55/28515.html
----------------------------------------------------
[10] Panel urges cooperation on cybersecurity
By Michael Hardy, IDG News Service
DECEMBER 11, 2002
Content Type: Story
Source: IDG News Service
Protecting financial institutions from cyberattacks requires increasing
levels of cooperation between the government and the private sector,
panelists said yesterday at a conference in Washington called Homeland
Security 2002: Establishing a Culture of Cooperation.
Many of the conference's sessions emphasized such cooperation, which is
being fostered by changing mind-sets in both government and the private
sector.
In the financial services world, the responsibility for keeping up with
threats -- and the technologies that can help guard against them --
rests with the banks and investment houses, said Richard Marshall,
deputy director of the Critical Infrastructure Assurance Office, one of
22 federal agencies that will soon become part of the U.S.'s new
Department of Homeland Security.
http://www.computerworld.com/securitytopics/security/story/0,10801,76610
,00.html
----------------------------------------------------
[11] Tech Pros Gather Antispam Forces
By Michelle Delio | 02:00 AM Dec. 12, 2002 PT
NEW YORK -- Tradeshows have never been most people's idea of big fun,
but over the past few years they've been downright depressing.
Light attendance, bevies of bummed-out booth babes with no one to flirt
with and an ever-dwindling crowd of exhibitors make for a pretty
melancholy way to spend a day.
The buzz on the floor was that security companies are starting to hire
again. And the corporate techies cruising the conference are actually
buying, not just gazing on wistfully and muttering about blasted
budgets.
http://www.wired.com/news/infostructure/0,1377,56809,00.html
----------------------------------------------------
(The best way of securing Outlook might be to uninstall it. WEN)
[12] Securing Outlook, Part One: Initial Configuration
by Scott Granneman
last updated December 10, 2002
Larry Lieberman is a busy guy. He's been on the city council of
University City, Missouri for decades, and he's always been extremely
responsive to his constituents. But email has really changed his life.
Instead of writing letters or calling, nowadays his constituents send
him email - a lot of email. Every day, his inbox fills with questions,
praise, complaints, and requests, and Larry answers it all using his
email client of choice - Microsoft Outlook.
But then one day Larry got the virus.
http://online.securityfocus.com/infocus/1648
----------------------------------------------------
[13] Hi-tech crime threatens UK plc - survey
By John Leyden
Posted: 10/12/2002 at 17:21 GMT
British companies consider sabotage of data or networks, virus attacks
and financial fraud as a real threat to the future of their business.
A survey of 105 firms conducted by NOP for the National Hi-Tech Crime
Unit (NHTCU) yielded reports of more than 3,000 separate incidents with
virus attacks accounting for 1,305. Hacking and Denial of Service
attacks accounted for one in five (20 per cent) of all attacks.
http://www.theregister.co.uk/content/55/28512.html
----------------------------------------------------
[14] White House threatens nuclear retailiation to attacks on U.S.
By Bryan Bender, Global Security Newswire
The Bush administration Wednesday published the first national strategy
on combating the threat of weapons of mass destruction, signaling to
terrorist groups and hostile states in the strongest language yet that
the United States would retaliate with nuclear weapons if attacked with
nuclear, chemical, biological or radiological weapons.
The National Strategy to Combat Weapons of Mass Destruction, drafted by
the National Security Council and White House Office of Homeland
Security, lays out a three-pronged strategy for countering what is
described as "one of the greatest security challenges facing the United
States."
The strategy calls for the development of new military and civilian
capabilities to defeat adversaries armed with weapons of mass
destruction, the strengthening of nonproliferation treaties and arms
control regimes, and preparations to reduce, "to the extent possible,"
the potentially catastrophic consequences of a successful attack against
the United States or its allies.
http://www.govexec.com/dailyfed/1202/121102gsn1.htm
----------------------------------------------------
[15] Raided Firm's Software Checks Out
By Michelle Delio | 02:00 AM Dec. 10, 2002 PT
Software designed by Ptech, a Massachusetts technology firm U.S. federal
agents suspect might be linked to terrorist groups, does not appear to
threaten national security.
Federal agents raided the company's Quincy offices early Friday morning.
Officials are investigating allegations that investors in the company
also finance terrorist organizations.
News of the raid sparked concerns that Ptech's software could have been
engineered to allow attackers access to classified national-security
data. The Army and Air Force, Congress, the White House, the Federal
Aviation Administration and the FBI use the company's
knowledge-management software.
http://www.wired.com/news/conflict/0,2100,56777,00.html
----------------------------------------------------
[16] Web pedos crack into corporate servers
By John Leyden
Posted: 09/12/2002 at 18:03 GMT
Web paedophiles are turning to cracking techniques to cover their track,
claims the head of the UK's National Hi-Tech Crime Unit (NHTCU).
Detective Chief Superintendent Les Hynds warned today of cases where
pay-per-view child porn sites on corporate servers after gaining control
to victims' servers.
Hynds declined to furnish details, citing operational reasons, but he
gave a basic outline of the crime, which he describes as a growing
problem.
http://www.theregister.co.uk/content/55/28487.html
----------------------------------------------------
[17] Research signals safer smart cards
By ComputerWire
Posted: 09/12/2002 at 22:49 GMT
Cryptography Research Inc, the company behind the design of the SSL v3.0
protocol that is used to secure transactions on the world wide web,
claims to have discovered a new class of attacks that could be used by
hackers to extract secret keys and information from smart cards and
secure cryptographic tokens.
Known as Differential Power Analysis (DPA), the San Francisco,
California-based company says it could be a serious issue affecting
smart cards and many other supposedly tamper-resistant hardware devices.
http://www.theregister.co.uk/content/55/28489.html
----------------------------------------------------
[18] Security agency expects airports to meet baggage screening deadline
>From National Journal's Technology Daily
The Transportation Security Administration expects all of the nation's
commercial airports to meet a Dec. 31, 2002, deadline for screening all
checked baggage for explosives, TSA chief James Loy said Monday, during
a homeland security conference sponsored by E-Gov.
Under the new law creating a Homeland Security Department, TSA can grant
extensions to airports that are unable to install explosives detection
technologies by Dec. 31. But those airports must use alternative
methods, such as manual searches and bomb-sniffing dogs, for screening
all checked baggage by Dec. 31.
Loy said the slower screening methods could cause passenger delays, but
said any delays would be reasonable.
http://www.govexec.com/dailyfed/1202/120902td2.htm
----------------------------------------------------
[19] All bugs are created equal
By John Leyden
Posted: 11/12/2002 at 16:06 GMT
Security tools vendor ISS has promised to handle security
vulnerabilities affecting open source and Windows platforms the same way
following criticism of its premature disclosure of open source security
problems.
In recent months, sections of the security community allege that ISS has
jumped the gun in releasing information on flaws within a Solaris font
daemon, BIND and (most notably) Apache ahead of the widespread
availability of a fix. Critics argue ISS acted out of self-promotion
rather than the interests of the wider Internet community.
ISS strongly denies this but admits to mistakes in its approach which it
addresses through revised vulnerability disclosure guidelines.
http://www.theregister.co.uk/content/55/28533.html
----------------------------------------------------
_____________________________________________________________________
The source material may be copyrighted and all rights are
retained by the original author/publisher.
Copyright 2002, IWS - The Information Warfare Site
_____________________________________________________________________
Wanja Eric Naef
Webmaster & Principal Researcher
IWS - The Information Warfare Site
<http://www.iwar.org.uk>
---------------------------------------------------------------------
To subscribe - send an email to "[EMAIL PROTECTED]" with "subscribe
infocon" in the body
To unsubscribe - send an email to "[EMAIL PROTECTED]" with
"unsubscribe
infocon" in the body
---------------------------------------------------------------------
IWS INFOCON Mailing List
@ IWS - The Information Warfare Site
http://www.iwar.org.uk